Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,030
Maven
5,000+
npm
3,732
NuGet
662
pip
3,409
Pub
12
RubyGems
891
Rust
865
Swift
36
Unreviewed advisories
All unreviewed
5,000+

746 advisories

Loading
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 stores potentially sensitive... Moderate Unreviewed
CVE-2024-38321 was published Aug 3, 2024
The CTT Expresso para WooCommerce plugin for WordPress is vulnerable to sensitive information... Moderate Unreviewed
CVE-2024-6687 was published Aug 1, 2024
A vulnerability in Cato Networks SDP Client on Windows allows the insertion of sensitive... Moderate Unreviewed
CVE-2024-6977 was published Jul 31, 2024
Elasticsearch Insertion of Sensitive Information into Log File Moderate
CVE-2023-49921 was published for org.elasticsearch:elasticsearch (Maven) Jul 26, 2024
Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files Moderate
CVE-2024-41178 was published for object_store (Rust) Jul 23, 2024
oscerd
ops leaking secrets if `subprocess.CalledProcessError` happens with a `secret-*` CLI command Moderate
CVE-2024-41129 was published for ops (pip) Jul 22, 2024
phvalguima
In JetBrains TeamCity before 2024.07 parameters of the "password" type could leak into the build... Moderate Unreviewed
CVE-2024-41824 was published Jul 22, 2024
Information exposure in the logging system in Yugabyte Platform allows local attackers with... Moderate Unreviewed
CVE-2024-0006 was published Jul 19, 2024
Steeltoe Leaks Basic Auth Credentials to Logs After Fetch Registry Error Low
CVE-2024-40636 was published for Steeltoe.Discovery.ClientAutofac (NuGet) Jul 17, 2024
An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS... Moderate Unreviewed
CVE-2024-39532 was published Jul 11, 2024
Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin... Moderate Unreviewed
CVE-2024-37270 was published Jul 10, 2024
Insertion of Sensitive Information into Log File vulnerability in SERVIT Software Solutions.This... Moderate Unreviewed
CVE-2024-37205 was published Jul 10, 2024
Multiple Exposure of sensitive information to an unauthorized actor vulnerabilities [CWE-200] in... High Unreviewed
CVE-2024-27784 was published Jul 9, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The API can... Moderate Unreviewed
CVE-2024-40598 was published Jul 7, 2024
An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. The Special... Moderate Unreviewed
CVE-2024-40596 was published Jul 7, 2024
Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355... Moderate Unreviewed
CVE-2022-25477 was published Jul 2, 2024
Under certain circumstances unnecessary user details are provided within system logs Moderate Unreviewed
CVE-2024-32757 was published Jul 2, 2024
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information... Moderate Unreviewed
CVE-2024-22276 was published Jun 27, 2024
IBM Security Verify Access 10.0.0 through 10.0.7.1 could allow a local user to obtain sensitive... Moderate Unreviewed
CVE-2023-30430 was published Jun 27, 2024
Bitbucket OAuth access token exposed in the build log by Bitbucket Branch Source Plugin Moderate
CVE-2024-39460 was published for org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source (Maven) Jun 26, 2024
Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions <2.3.0p7, <2... Low Unreviewed
CVE-2024-28830 was published Jun 26, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain a... Low Unreviewed
CVE-2024-29177 was published Jun 26, 2024
An information disclosure vulnerability in Phloc Webscopes 7.0.0 allows local attackers with... Unknown Unreviewed
CVE-2024-6060 was published Jun 26, 2024
A vulnerability in a password management API in Brocade Fabric OS versions before v9.2.1, v9.2.0b... Moderate Unreviewed
CVE-2024-29954 was published Jun 26, 2024
go-retryablehttp can leak basic auth credentials to log files Moderate
CVE-2024-6104 was published for github.com/hashicorp/go-retryablehttp (Go) Jun 24, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database